SUSE alert openSUSE-SU-2026:20141-1 (udisks2)

From:
             
 
null@suse.de
To:
             
 
security-announce@lists.opensuse.org
Subject:
             
 
openSUSE-SU-2026:20141-1: moderate: Security update for udisks2
Date:
             
 
Tue, 03 Feb 2026 15:24:48 +0100
Message-ID:
             
 
<20260203142448.42789FE9C@maintenance.suse.de>
Archive-link:
             
 
Article
openSUSE security update: security update for udisks2
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20141-1
Rating: moderate
References:

  * bsc#1248502



Cross-References:

  * CVE-2025-8067



CVSS scores:

  * CVE-2025-8067 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

Affected Products:

         openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for udisks2 fixes the following issues:

- CVE-2025-8067: Fixed a missing bounds check that could lead to out-of-bounds
  read in udisks daemon (bsc#1248502).


Patch instructions:

   To install this openSUSE security update use the suse recommended installation methods
   like YaST online_update or "zypper patch".
   Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

   zypper in -t patch openSUSE-Leap-16.0-226=1

Package List:

- openSUSE Leap 16.0:

  libudisks2-0-2.10.1-160000.3.1
  libudisks2-0-devel-2.10.1-160000.3.1
  libudisks2-0_btrfs-2.10.1-160000.3.1
  libudisks2-0_lsm-2.10.1-160000.3.1
  libudisks2-0_lvm2-2.10.1-160000.3.1
  typelib-1_0-UDisks-2_0-2.10.1-160000.3.1
  udisks2-2.10.1-160000.3.1
  udisks2-bash-completion-2.10.1-160000.3.1
  udisks2-docs-2.10.1-160000.3.1
  udisks2-lang-2.10.1-160000.3.1
  udisks2-zsh-completion-2.10.1-160000.3.1

References:

  * https://www.suse.com/security/cve/CVE-2025-8067.html